Bugtraq mailing list archives
Re: Bypassing Personal Firewalls
From: Johan Verrept <jove () exelsys be>
Date: Sun, 23 Feb 2003 21:13:42 +0100
Shaun Clowes wrote:
Why do you believe that the responsibility of protecting users from themselves should be bourne by the operating system? People who are using Personal Firewall systems may indeed want to be protected in this fashion but I suspect that for most people this is a non issue.
Actually, this has little to do with protecting a user from himself, this has to do with protecting one process from another. How do you trust any process you have running if malicious code could have embedded itself and you have no way of detecting this?
When all is said and done, if malicious code can run under your user ID then everything you do is compromised, I can't see much point in giving ourselves a false sense of security.
Perhaps not. But do you see a good reason to allow any process this much power over another unrelated process? If this kind of power is needed by one process over another, it should be implemented implicitly in both processes or the process should run under superuser UID.
regards, J.
Current thread:
- Bypassing Personal Firewalls xenophi1e (Feb 21)
- RE: Bypassing Personal Firewalls Drew Copley (Feb 21)
- RE: Bypassing Personal Firewalls Oliver Lavery (Feb 21)
- RE: Bypassing Personal Firewalls Drew Copley (Feb 21)
- RE: Bypassing Personal Firewalls Oliver Lavery (Feb 21)
- Re: Bypassing Personal Firewalls Shaun Clowes (Feb 23)
- Re: Bypassing Personal Firewalls Johan Verrept (Feb 24)
- Re: Bypassing Personal Firewalls Shaun Clowes (Feb 24)
- Re: Bypassing Personal Firewalls Zow (Feb 24)
- Re: Bypassing Personal Firewalls Johan Verrept (Feb 24)
- Re: Bypassing Personal Firewalls Darwin (Feb 28)
- <Possible follow-ups>
- RE: Bypassing Personal Firewalls John Howie (Feb 23)
- RE: Bypassing Personal Firewalls Oliver Lavery (Feb 24)
- Re: Bypassing Personal Firewalls Torbjörn Hovmark (Feb 24)
- RE: Bypassing Personal Firewalls John Howie (Feb 24)
- RE: Bypassing Personal Firewalls Drew Copley (Feb 21)